SATAN Security Scanner 1.0/1.1 Session Key improper authentication

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in SATAN Security Scanner 1.0/1.1 (Security Testing Software). This affects some unknown functionality of the component Session Key Handler. Upgrading eliminates this vulnerability.

Field06/17/2014 03:46 PM04/03/2019 02:19 PM
vendorSATANSATAN
nameSecurity ScannerSecurity Scanner
version1.0/1.11.0/1.1
componentSession Key HandlerSession Key Handler
risk11
historic11
cvss2_vuldb_basescore7.67.6
cvss2_vuldb_tempscore6.66.6
cvss2_vuldb_avNN
cvss2_vuldb_acHH
cvss2_vuldb_auNN
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss3_meta_basescore8.18.1
cvss3_meta_tempscore7.77.7
cvss3_vuldb_basescore8.18.1
cvss3_vuldb_tempscore7.77.7
freeformenThis might be the 1st vulnerability in a security scanning tool ever.This might be the 1st vulnerability in a security scanning tool ever.
date796867200 (04/03/1995)796867200 (04/03/1995)
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
cveCVE-1999-0151CVE-1999-0151
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_avNN
cvss3_vuldb_acHH
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
typeSecurity Testing Software
cvss2_nvd_avN
cvss2_nvd_acH
cvss2_nvd_auN
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
cve_nvd_published796867200
cve_nvd_summarythe satan session key may be disclosed if the user points the web browser to other sites possibly allowing root access.
cwe0287 (weak authentication)

Want to stay up to date on a daily basis?

Enable the mail alert feature now!